package com.newtouch.bxzs.common.base.config;

import org.springframework.security.web.util.matcher.RequestMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

/**
 * 自定义csrf拦截
 *
 * <p>
 * <b>History:</b>
 * <table border="1">
 * <tr>
 * <th>Date</th>
 * <th>Operator</th>
 * <th>Memo</th>
 * </tr>
 * <tr>
 * <td>2021年2月20日</td>
 * <td>Amour</td>
 * <td>Create</td>
 * </tr>
 * </table>
 *
 * @author Amour
 *
 * @version 1.0.0
 * @since 1.0.0
 */
public class CsrfSecurityRequestMatcher implements RequestMatcher {
	private Pattern allowedMethods = Pattern.compile("^(GET|HEAD|TRACE|OPTIONS)$");

	@Override
	public boolean matches(HttpServletRequest request) {
		List<String> execludeUrls = new ArrayList<>();
		// 允许post请求的url路径
		execludeUrls.add("white/getWhiteList");
		execludeUrls.add("white/modifyWhite");
		execludeUrls.add("white/deleteWhite");
		execludeUrls.add("public/loginByHandPass");
		execludeUrls.add("public/register");
		execludeUrls.add("public/loginByUnifiedAuth");
		execludeUrls.add("externalController/receivePushRecord");
		execludeUrls.add("externalController/acceptRevocationCustomer");
		execludeUrls.add("externalController/acceptionCustomerRelation");
		execludeUrls.add("externalController/customerGoBack");
		execludeUrls.add("conferenceController/acceptionConference");
		execludeUrls.add("activityController/acceptionActivity");
		execludeUrls.add("policyNotice/getSuccessfulInsuranceNotice");
		execludeUrls.add("policyNotice/getSurrenderApplicationNotice");
		execludeUrls.add("policyNotice/getSuccessfulSurrenderNotice");
		execludeUrls.add("policyNotice/getRenewalNotice");
		execludeUrls.add("policyNotice/getExpirationNotice");
		execludeUrls.add("policyInsurance/getIndividualPolicyInfoInsurance");
		execludeUrls.add("policyInsurance/getIndividualPolicyPreservationInsurance");
		execludeUrls.add("policyInsurance/getIndividualPolicyClaimsInsurance");
		execludeUrls.add("policyInsurance/getPreservationListInsurance");
		execludeUrls.add("policyInsurance/getPreservationInfoInsurance");
		execludeUrls.add("policyInsurance/getClaimsProgressListInsurance");
		execludeUrls.add("policyInsurance/getPolicyNewContractInfoInsurance");
		execludeUrls.add("policyInsurance/getPolicyNewContractListInsurance");
		execludeUrls.add("policyInsurance/getExpirationPolicyListInsurance");
		execludeUrls.add("policyInsurance/getRenewalPolicyListInsurance");
		execludeUrls.add("policyInsurance/getIndividualPolicyInfoNotice");
		execludeUrls.add("policyInsurance/getPreservationListNotice");
		execludeUrls.add("policyInsurance/getExpirationPolicyListNotice");
		execludeUrls.add("policyInsurance/getRenewalPolicyListNotice");
		execludeUrls.add("familyPolicyInsurance/getFamilyPolicyInfoInsurance");
		execludeUrls.add("familyPolicyInsurance/getFamilyPolicyPreservationInsurance");
		execludeUrls.add("familyPolicyInsurance/getFamilyPolicyClaimsInsurance");
		execludeUrls.add("familyPolicyInsurance/getFamilyPolicyUserListInsurance");
		execludeUrls.add("familyPolicyInsurance/getPreservationListByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getPreservationInfoByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getClaimsProgressListByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getNewContractInfoByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getNewContractListByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getNewContractUserListByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getExpirationPolicyListByFamilyPolicyInsurance");
		execludeUrls.add("familyPolicyInsurance/getRenewalPolicyListByFamilyPolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getEnterprisePolicyInfoInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getEnterprisePolicyPreservationInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getEnterprisePolicyClaimsInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getEnterprisePolicyUserListInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getPreservationListByEnterPrisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getPreservationInfoByEnterPrisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getClaimsProgressListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getClaimsProgressUserListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getClaimsProgressBatchListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getNewContractInfoByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getNewContractListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getNewContractIUserListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getExpirationPolicyListByEnterprisePolicyInsurance");
		execludeUrls.add("enterprisePolicyInsurance/getRenewalPolicyListByEnterPrisePolicyInsurance");
		execludeUrls.add("customerAnalysisController/getInsuranceCustomerAnalysisInfo");
		execludeUrls.add("customerAnalysisController/getBankCustomerAnalysisInfo");
		execludeUrls.add("customerFamilyRelationshipController/acceptionCustomerFamilyRelationship");
		execludeUrls.add("advertisementController/getAdvertisement");
		execludeUrls.add("recommendationController/compareRecommendation");

		if (execludeUrls != null && execludeUrls.size() > 0) {
			String servletPath = request.getServletPath();
			for (String url : execludeUrls) {
				if (servletPath.contains(url)) {
					return false;
				}
			}
		}
		return !allowedMethods.matcher(request.getMethod()).matches();
	}
}
